Export limit exceeded: 346260 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346260 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22383 | 2 Mikado-themes, Wordpress | 2 Pawfriends - Pet Shop And Veterinary Wordpress Theme, Wordpress | 2026-04-23 | 7.5 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PawFriends - Pet Shop and Veterinary WordPress Theme: from n/a through <= 1.3. | ||||
| CVE-2026-22365 | 2 Axiomthemes, Wordpress | 2 Soleng, Wordpress | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Soleng soleng allows PHP Local File Inclusion.This issue affects Soleng: from n/a through <= 1.0.5. | ||||
| CVE-2026-22351 | 2 Marcus (aka @msykes), Wordpress | 2 Wp Fullcalendar, Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in Marcus (aka @msykes) WP FullCalendar wp-fullcalendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP FullCalendar: from n/a through <= 1.6. | ||||
| CVE-2026-22350 | 2 Add-ons.org, Wordpress | 2 Pdf For Elementor Forms + Drag And Drop Template Builder, Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through <= 6.3.1. | ||||
| CVE-2026-22349 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in linux4me2 Menu In Post menu-in-post allows DOM-Based XSS.This issue affects Menu In Post: from n/a through <= 1.4.1. | ||||
| CVE-2026-22348 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in Tasos Fel Civic Cookie Control civic-cookie-control-8 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Civic Cookie Control: from n/a through <= 1.53. | ||||
| CVE-2026-22341 | 2 Case-themes, Wordpress | 2 Booked, Wordpress | 2026-04-23 | 6.7 Medium |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through <= 3.0.0. | ||||
| CVE-2026-22324 | 2 Themerex, Wordpress | 2 Melania, Wordpress | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Melania melania allows PHP Local File Inclusion.This issue affects Melania: from n/a through <= 2.5.0. | ||||
| CVE-2026-0674 | 2 Campaign Monitor, Wordpress | 2 For Wordpress, Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Campaign Monitor Campaign Monitor for WordPress forms-for-campaign-monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Campaign Monitor for WordPress: from n/a through <= 2.9.1. | ||||
| CVE-2025-69401 | 2 Mdalabar, Wordpress | 2 Wooodt Lite, Wordpress | 2026-04-23 | 7.5 High |
| Authentication Bypass by Spoofing vulnerability in mdalabar WooODT Lite byconsole-woo-order-delivery-time allows Identity Spoofing.This issue affects WooODT Lite: from n/a through <= 2.5.2. | ||||
| CVE-2025-69394 | 2 Cnvrse, Wordpress | 2 Cnvrse, Wordpress | 2026-04-23 | 7.5 High |
| Authorization Bypass Through User-Controlled Key vulnerability in cnvrse Cnvrse cnvrse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cnvrse: from n/a through < 026.02.10.20. | ||||
| CVE-2025-69393 | 2 Jthemes, Wordpress | 2 Exzo, Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in Jthemes Exzo exzo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exzo: from n/a through <= 1.2.4. | ||||
| CVE-2025-69385 | 2 Agnihd, Wordpress | 2 Cartify - Woocommerce Gutenberg Wordpress Theme, Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in AgniHD Cartify - WooCommerce Gutenberg WordPress Theme cartify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cartify - WooCommerce Gutenberg WordPress Theme: from n/a through <= 1.3. | ||||
| CVE-2025-69378 | 2 Wordpress, Xforwoocommerce | 2 Wordpress, Product Filter For Woocommerce | 2026-04-23 | 7.2 High |
| Incorrect Privilege Assignment vulnerability in XforWooCommerce Product Filter for WooCommerce prdctfltr allows Privilege Escalation.This issue affects Product Filter for WooCommerce: from n/a through <= 9.1.2. | ||||
| CVE-2025-69373 | 2 Beeteam368, Wordpress | 2 Vidorev, Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in beeteam368 VidoRev vidorev allows PHP Local File Inclusion.This issue affects VidoRev: from n/a through <= 2.9.9.9.9.9.7. | ||||
| CVE-2025-69364 | 2 Cloudways, Wordpress | 2 Breeze, Wordpress | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through <= 2.2.21. | ||||
| CVE-2025-69363 | 2 Cyberchimps, Wordpress | 2 Responsive Addons For Elementor, Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in CyberChimps Responsive Addons for Elementor responsive-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Addons for Elementor: from n/a through <= 2.0.8. | ||||
| CVE-2025-69362 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH UiChemy uichemy allows Stored XSS.This issue affects UiChemy: from n/a through <= 4.4.2. | ||||
| CVE-2025-69359 | 2 Wordpress, Wpfunnels | 2 Wordpress, Creator Lms | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in WPFunnels Creator LMS creatorlms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Creator LMS: from n/a through <= 1.1.12. | ||||
| CVE-2025-69358 | 2 Metagauss, Wordpress | 2 Eventprime, Wordpress | 2026-04-23 | 7.5 High |
| Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through <= 4.2.6.0. | ||||